ERS Group is committed to the protection of all information and data in its custody and will collect and use that data only for authorized purposes. ERS Group manages all sensitive protected information using current, state-of-the-art measures and best practices to ensure the security, integrity, confidentiality and the resiliency of the computer systems and information contained therein.

ERS Group has adopted physical, electronic, and administrative processes and procedures to safeguard and secure protected information from loss or unauthorized access or disclosure, alteration or destruction. ERS Group seeks to ensure that any protected information in its possession is accurate, complete and otherwise reliable for the purpose for which it was intended to be used. It is the policy of ERS Group to protect client information that has been entrusted to us with the same stringent safeguards by which it protects its own internal information resources.

To insure that all protected information is kept both physically and logically secure at all times, ERS Group utilizes rigorous security controls and procedures for systems, Internet, electronic mail and other information maintenance and distribution systems, consistent with industry best practices. All users of ERS Group systems and resources abide by and adhere to the policies associated with these security provisions. They include but are not limited to strict access controls and procedures relating to network security, data encryption, change management, production monitoring, data leakage or other inadvertent disclosure, intrusion detection and prevention, malicious code attacks or infestations, system vulnerabilities, and other relevant identifiable security threats.

ERS Group engages outside auditors to provide objective verification of controls and regulation compliance. Since 2004 ERS Group has undergone industry standard third-party audits focusing on controls surrounding operations and information technology including security. Through the successful completion of these external audits, ERS Group's controls and procedures have been subjected to scrutiny and testing over a period of time to confirm the effectiveness of the controls. An ongoing audit program demonstrates ERS Group's commitment to ensuring that all protected information will be handled in a secure and controlled environment vetted by today's most authoritative standards.

ERS Group utilizes encryption to secure all protected information of its clients. This encryption includes both the encryption of data in transit and while at rest in the custody of ERS Group. Appropriate, user-friendly systems are in place to allow clients to securely transfer data and information to and from ERS Group through secure, encrypted means.

Access to data on ERS Group systems is restricted to selected ERS Group staff members based upon the need to know.

ERS Group clients will be notified in a timely manner of any security breach that potentially may affect their protected information in the possession of ERS Group or of any changes to ERS Group security policies and procedures that may adversely impact the security of their that information. Should you as a client or customer of ERS Group become aware of an actual or suspected breach or compromise of ERS Group systems or data hosted by ERS Group, please contact us immediately at ITSecurity@ersgroup.com.